package com.cskaoyan.config;

import com.cskaoyan.config.shiroConfig.CustomRealm;
import com.cskaoyan.config.shiroConfig.MarketSessionManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.Arrays;
import java.util.LinkedHashMap;

/**
 * @author wxgl
 * @date 2022-12-30 22:19
 * @describe
 */
@Configuration
public class ShiroConfiguration {
    /*
    * ShiroFilter--->SecurityMannager
    * */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager){

        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        //提供filter链 --》配置的内容类似于之前的HandlerIntercepter
        //1.Filter是谁  anno、authc、perms
        //2.filter的作用  建立URL和Filter映射关系
        //3.Filter之间的顺序  书写顺序

        //通常的顺序anon  authc perms
        //anon写在最前面
        //保证map有序
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
        //map key为URL
        //map value filter名称
        map.put("/admin/auth/login","anon");
        map.put("/admin/auth/info","anon");
        map.put("/admin/auth/noAuthc","anon");
        map.put("/wx/auth/login","anon");

        map.put("/wx/cart/**","authc");
        map.put("/wx/auth/**","anon");

        map.put("/wx/auth/regCaptcha","anon");
        map.put("/wx/auth/register","anon");
        map.put("/wx/cart/**","anon");

        map.put("/wx/coupon/list","anon");
        map.put("/admin/**","authc");

        //就是访问admin/auth/list这个请求
//        map.put("admin/auth/list","perms[aaa]");

        //如果访问某个请求的时候该请求对应的filter是authc,如果没有通过这个filter则说明没有权限
        //shiro会给你重定向  默认的重定向地址/login.jsp
        //如果想要修改重定向地址，可以使用方法来修改
        shiroFilterFactoryBean.setLoginUrl("admin/auth/noAuthc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        return shiroFilterFactoryBean;
    }

    /*
    * SecurityManager-->
    * Authenticator
    * Authorrizer
    * Realms
    * SessionManager
    * */
    @Bean
    public DefaultWebSecurityManager securityManager(CustomRealm realm,
                                                     DefaultWebSessionManager sessionManager){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealms(Arrays.asList(realm));
        //Arrays.asList(类名)
        securityManager.setSessionManager(sessionManager);
        return securityManager;

    }

    /*
    * Realm extends AuthorizingRealm
    * 手动实现，在类上面手动添加Component
    * */

    /*
     * SessionManager
     * 选择Shiro提供的
     * */
    @Bean
    public DefaultWebSessionManager sessionManager(){
        return new MarketSessionManager();
    }

    // 用到AspectJ → 使用注解的方式，将权限和url绑定起来
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

}
